SY0-501 · Question #146
SY0-501 Question #146: Real Exam Question with Answer & Explanation
The correct answer is C: OS hardening. To protect laptops used primarily on untrusted wireless networks, OS hardening is the best method to reduce the risk of compromise. This process significantly minimizes the device's attack surface and vulnerabilities.
Question
A business has recently deployed laptops to all sales employees. The laptops will be used primarily from home offices and while traveling, and a high amount of wireless mobile use is expected. To protect the laptops while connected to untrusted wireless networks, which of the following would be the BEST method for reducing the risk of having the laptops compromised?
Options
- AMAC filtering
- BVirtualization
- COS hardening
- DApplication white-listing
Explanation
To protect laptops used primarily on untrusted wireless networks, OS hardening is the best method to reduce the risk of compromise. This process significantly minimizes the device's attack surface and vulnerabilities.
Common mistakes.
- A. MAC filtering controls network access based on hardware addresses but provides no protection for the client device itself from exploits or attacks once it's connected to an untrusted network, nor does it secure the device's operating system.
- B. Virtualization allows running isolated operating systems but is not the primary or most direct method for securing the host operating system or reducing its overall vulnerability to network-based attacks on untrusted networks.
- D. Application white-listing restricts which applications can run on a system, which is a good security control against malware execution, but it does not address broader OS vulnerabilities, misconfigurations, or unpatched exploits that OS hardening directly mitigates.
Concept tested. Operating system security hardening
Community Discussion
No community discussion yet for this question.